c8028e9fb503c2fb491aa5acaddb77af383b19933f12eca9b79b70651fbfb579 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8028e9fb503c2fb491aa5acaddb77af383b19933f12eca9b79b70651fbfb579
Size

1008KB
MD5

409b6786d2ee094c807817f899bf9fbc
SHA1

86b24d7e5a29ff61413cb8dd6be7638be2c56a2f
SHA256

c8028e9fb503c2fb491aa5acaddb77af383b19933f12eca9b79b70651fbfb579
SHA512

95a73ea3adf5e02b3d35737b278f90bfe998357082c2864ea1232e9e8a81a75dad0f4de30086aca6ffd5f3348bb2700b814ffaa722b904eeee842890dafd632a
SSDEEP

24576:Vady2kuoOPY94f+sL4AQt9e7bQVcchhJFmmvreNVIMbd5X:VKItOC8cnegqMJFmmBU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8028e9fb503c2fb491aa5acaddb77af383b19933f12eca9b79b70651fbfb579

Files

c8028e9fb503c2fb491aa5acaddb77af383b19933f12eca9b79b70651fbfb579
.exe windows:4 windows x86 arch:x86

989ab99d12989b2cfee970fc7590b6a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaVarSub

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

kernel32

GetModuleFileNameW

user32

GetWindow

advapi32

RegDeleteKeyA

shell32

SHGetFolderPathW

Sections

.text
Size: 112KB - Virtual size: 492KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 880KB - Virtual size: 880KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ